CVE-2023-53982
SQL Injection in PMB 7.4.6 ajax.php Enables Data Extraction
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sigb | pmb | 7.4.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-53982 is a critical SQL injection vulnerability in PMB version 7.4.6. It exists in the 'storage' parameter of the ajax.php endpoint, specifically in the unsanitized 'id' parameter. This flaw allows remote attackers to inject SQL code, including conditional sleep statements, enabling time-based blind SQL injection attacks. Through this, attackers can manipulate database queries to extract sensitive information or perform other unauthorized database operations. [3, 4]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to sensitive data by allowing attackers to extract information from the database. It can also enable attackers to manipulate or alter data integrity and potentially cause denial of service by locking or delaying database operations. The high CVSS scores indicate a severe impact on confidentiality and integrity, with low impact on availability. [3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the 'id' parameter of the ajax.php endpoint with SQL injection payloads that cause time delays, such as conditional sleep statements. For example, using the sqlmap tool with the command: sqlmap -u "http://localhost/pmb/opac_css/ajax.php?categ=storage&datetime=undefined&id=1&module=ajax&sub=save&token=undefined" -p "id" can help identify the SQL injection vulnerability by injecting payloads and observing response delays. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating PMB to a version that patches this SQL injection vulnerability, such as versions later than 7.4.6. If an update is not immediately possible, restrict access to the vulnerable ajax.php endpoint, implement web application firewall (WAF) rules to block malicious SQL injection payloads targeting the 'id' parameter, and monitor for suspicious activity. Applying input validation and sanitization on the 'id' parameter is also recommended. [4, 3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote attackers to extract sensitive information from the database through SQL injection, which can lead to unauthorized access and data leakage. Such data breaches can compromise compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive data against unauthorized access and ensuring data integrity. Therefore, exploitation of this vulnerability could result in non-compliance with these standards due to potential exposure of confidential information. [3, 4]